CVE-2022-3719

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-3719
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CVSS

No CVSS.

References

No reference.

Configurations

No configuration.

History

21 Nov 2022, 16:15

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 9.8 		v2 : unknown
v3 : unknown
References
  • {'url': 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51707', 'name': 'https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51707', 'tags': ['Issue Tracking', 'Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://vuldb.com/?id.212350', 'name': 'https://vuldb.com/?id.212350', 'tags': ['Third Party Advisory'], 'refsource': 'MISC'}
  • {'url': 'https://github.com/Exiv2/exiv2/commit/a38e124076138e529774d5ec9890d0731058115a', 'name': 'https://github.com/Exiv2/exiv2/commit/a38e124076138e529774d5ec9890d0731058115a', 'tags': ['Patch', 'Third Party Advisory'], 'refsource': 'MISC'}
Summary A vulnerability has been found in Exiv2 and classified as critical. This vulnerability affects the function QuickTimeVideo::userDataDecoder of the file quicktimevideo.cpp of the component QuickTime Video Handler. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The name of the patch is a38e124076138e529774d5ec9890d0731058115a. It is recommended to apply a patch to fix this issue. VDB-212350 is the identifier assigned to this vulnerability. ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.
CPE cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*
CWE CWE-787

28 Oct 2022, 19:45

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 9.8
CPE cpe:2.3:a:exiv2:exiv2:*:*:*:*:*:*:*:*
CWE CWE-122
CWE-119		 CWE-787
References (MISC) https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51707 - (MISC) https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=51707 - Issue Tracking, Third Party Advisory
References (MISC) https://github.com/Exiv2/exiv2/commit/a38e124076138e529774d5ec9890d0731058115a - (MISC) https://github.com/Exiv2/exiv2/commit/a38e124076138e529774d5ec9890d0731058115a - Patch, Third Party Advisory
References (MISC) https://vuldb.com/?id.212350 - (MISC) https://vuldb.com/?id.212350 - Third Party Advisory

27 Oct 2022, 11:28

Type Values Removed Values Added
New CVE
Information

Published : 2022-10-27 11:15

Updated : 2024-02-04 22:51

NVD link : CVE-2022-3719

Mitre link : CVE-2022-3719

CVE.ORG link : CVE-2022-3719

JSON object : View

Products Affected

No product.

CWE

No CWE.